package servlet;

import model.Admin;
import model.User;
import util.DBHelper;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

@WebServlet("/login.do")
public class LoginServlet extends HttpServlet {
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doGet(request, response);
    }

    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException  {

        String name = request.getParameter("name");//用户输入
        String password = request.getParameter("password");
//        String code = request.getParameter("verify");
        // 生成验证码后，kaptcha会把验证码写入session中以KAPTCHA_SESSION_KEY为名字保存
//        String verifyCode = (String) request.getSession().getAttribute("KAPTCHA_SESSION_KEY");
        // 1. 检查验证码
//        if (code !=null && code.equals(verifyCode)) {
        try {
            Connection conn = DBHelper.getConnection();
            String sql = "select  uid,name, true_name,age ,sex ,password,address from user where name = ? AND password = ?";
            String sql1 ="select  aid,name,password from admin where name = ? AND password = ?";
            // 执行查询（有参数）
            PreparedStatement pstat = conn.prepareStatement(sql);
            pstat.setString(1, name);
            pstat.setString(2, password);
            ResultSet rs = pstat.executeQuery();

            PreparedStatement pstat1 = conn.prepareStatement(sql1);
            pstat1.setString(1, name);
            pstat1.setString(2, password);
            ResultSet rs1 = pstat1.executeQuery();
            // 处理查询结果
            if (rs.next()) {
                // 1.1 成功
                // 2. 检查用户名和密码
                User user = new User(rs.getInt("uid"),
                                     rs.getInt("age"),
                                     rs.getString("name"),
                                     rs.getString("true_name"),
                                     rs.getString("sex"),
                                     rs.getString("password"),
                                     rs.getString("address"));
                    request.getSession().setAttribute("name",name);
                    request.getSession().setAttribute("user",user);
                    response.sendRedirect("comShow.do");
//                request.getRequestDispatcher("commodityShop.jsp").forward(request,response);
            }else if (rs1.next()) {
                // 1.1 成功
                // 2. 检查用户名和密码
                Admin admin = new Admin(rs1.getInt("aid"),
                                        rs1.getString("name"),
                                        rs1.getString("password"));
                    request.getSession().setAttribute("name",name);
                    request.getSession().setAttribute("admin",admin);
                    response.sendRedirect("adminCommodity.do");
//                    request.getRequestDispatcher("commodity/AdminCommodity.jsp").forward(request,response);
            }
            else {
//                         2.1 返回登录，并给出错误信息
                request.setAttribute("errorMsg", "密码错误");
                request.getRequestDispatcher("login.jsp").forward(request,response);
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
//        }
//        else {
//            // 2.1 返回登录，并给出错误信息
//            request.setAttribute("errorMsg", "验证码错误");
//            request.getRequestDispatcher("index.jsp").forward(request,response);
//        }
    }
}
